Report: Cyberspace Becoming More Malicious

Online security company MessageLabs found that more than three-quarters of
the e-mail messages it scanned in May were spam, an increase of 3.3 percent
over the previous month, said Mark Sunner, MessageLabs' chief security analyst.

That number is not surprising given that one out of every 170 messages was
found to contain some kind of malicious code, and 90 percent of that code is
botware, which turns computers into spam-sending zombies, he added.

As the volume of unsolicited and often malicious e-mail steadily grows, a turf
war is being fought behind the scenes by rival worms competing to build massive
botnets.

Numerous variants of the Storm worm dominated the botnet underworld for 18
months until Microsoft's Malicious Software Removal Tool suppressed them
earlier this year. But Storm has been replaced by another fast-changing
Trojan -- Srizbi -- that now accounts for 40 percent of all spam, Sunner said.

"Srizbi is the new game in town," he said. "But Storm seems
to be fighting back. We've intercepted two big waves."

Several new iterations of Storm have been found, but they do not appear to
be producing spam yet, Sunner said. He predicted that it was only a matter of
time before Storm botnets become established with the command and control networks
needed to begin operating again.

The public sector ranked 15th in the amount of spam received, at 75.7 percent.
The manufacturing sector was No. 1, with about 85 percent. But the public sector
ranked third in the amount of malware in incoming traffic: one in every 107
messages, well above the overall average of one in every 170 messages.

"Government is a prominent target for malware" because of the amount
of sensitive and valuable information available in electronic files and databases,
Sunner said.

He said the increase in the overall level of malicious code in messages is
disturbing. "In the year 2000, it was one in 2,500 and one in 1,500 in
2003," he said.

The increase in malware coincides with the growth of spam as a large-scale
commercial enterprise linked to phishing and identity theft. That development,
in turn, is tied to the adoption of broadband Internet connections in this country,
which began taking off in 2003.

One of the newest wrinkles in spamming is to take advantage of free online
document services.

"The spammers are starting to abuse some of the hosted document formats,"
such as Google Docs and Microsoft's SkyDrive free online storage, Sunner
said. The spam e-mail simply has a link to an online document that contains
the message. "E-mail filters don't follow links," he said,
and they aren't likely to block messages from trusted names such as Google
and Microsoft. The services also have the advantage of large amounts of bandwidth,
so they are not likely to be swamped by blasts of spam.

Fortunately, as more security is moved into the fabric of the Internet, service
providers will be better able to protect users from unwanted and malicious traffic,
Sunner said. Unfortunately, it looks like there will be more of that traffic
to protect us from.

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).